AN-TGT-001 Target Developer
Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.
Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.
Knowledges 66
| Code | Description | Work Roles |
|---|---|---|
| K0001 | Knowledge of computer networking concepts and protocols, and network security methodologies. | 52 |
| K0002 | Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). | 52 |
| K0003 | Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. | 52 |
| K0004 | Knowledge of cybersecurity and privacy principles. | 52 |
| K0005 | Knowledge of cyber threats and vulnerabilities. | 52 |
| K0006 | Knowledge of specific operational impacts of cybersecurity lapses. | 52 |
| K0036 | Knowledge of human-computer interaction principles. | 12 |
| K0058 | Knowledge of network traffic analysis methods. | 10 |
| K0108 | Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless). | 11 |
| K0109 | Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). | 15 |
| K0142 | Knowledge of collection management processes, capabilities, and limitations. | 4 |
| K0177 | Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). | 12 |
| K0349 | Knowledge of website types, administration, functions, and content management system (CMS). | 8 |
| K0351 | Knowledge of applicable statutes, laws, regulations and policies governing cyber targeting and exploitation. | 3 |
| K0357 | WITHDRAWN: Knowledge of analytical constructs and their use in assessing the operational environment. (See K0224) | 2 |
| K0362 | Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.). | 9 |
| K0379 | Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc. | 7 |
| K0381 | Knowledge of collateral damage and estimating impact(s). | 1 |
| K0392 | Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.). | 9 |
| K0395 | Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.). | 10 |
| K0402 | Knowledge of criticality and vulnerability factors (e.g., value, recuperation, cushion, countermeasures) for target selection and applicability to the cyber domain. | 1 |
| K0409 | Knowledge of cyber intelligence/information collection capabilities and repositories. | 4 |
| K0413 | Knowledge of cyber operation objectives, policies, and legalities. | 3 |
| K0417 | Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). | 10 |
| K0426 | Knowledge of dynamic and deliberate targeting. | 1 |
| K0427 | Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). | 8 |
| K0431 | Knowledge of evolving/emerging communications technologies. | 11 |
| K0436 | Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects. | 8 |
| K0437 | Knowledge of general Supervisory control and data acquisition (SCADA) system components. | 4 |
| K0439 | Knowledge of governing authorities for targeting. | 2 |
| K0440 | Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability. | 8 |
| K0444 | Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP). | 11 |
| K0445 | Knowledge of how modern digital and telephony networks impact cyber operations. | 9 |
| K0446 | Knowledge of how modern wireless communications systems impact cyber operations. | 8 |
| K0449 | Knowledge of how to extract, analyze, and use metadata. | 7 |
| K0457 | Knowledge of intelligence confidence levels. | 3 |
| K0458 | Knowledge of intelligence disciplines. | 3 |
| K0460 | Knowledge of intelligence preparation of the environment and similar processes. | 5 |
| K0461 | Knowledge of intelligence production processes. | 1 |
| K0464 | Knowledge of intelligence support to planning, execution, and assessment. | 6 |
| K0465 | Knowledge of internal and external partner cyber operations capabilities and tools. | 6 |
| K0466 | Knowledge of internal and external partner intelligence processes and the development of information requirements and essential information. | 1 |
| K0471 | Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering). | 9 |
| K0473 | Knowledge of intrusion sets. | 3 |
| K0478 | Knowledge of legal considerations in targeting. | 1 |
| K0479 | Knowledge of malware analysis and characteristics. | 2 |
| K0497 | Knowledge of operational effectiveness assessment. | 2 |
| K0499 | Knowledge of operations security. | 8 |
| K0507 | Knowledge of organization or partner exploitation of digital networks. | 6 |
| K0516 | Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. | 10 |
| K0533 | Knowledge of specific target identifiers, and their usage. | 2 |
| K0542 | Knowledge of target development (i.e., concepts, roles, responsibilities, products, etc.). | 2 |
| K0543 | Knowledge of target estimated repair and recuperation times. | 1 |
| K0546 | Knowledge of target list development (i.e. Restricted, Joint, Candidate, etc.). | 1 |
| K0547 | Knowledge of target methods and procedures. | 2 |
| K0549 | Knowledge of target vetting and validation procedures. | 3 |
| K0551 | Knowledge of targeting cycles. | 3 |
| K0555 | Knowledge of TCP/IP networking protocols. | 1 |
| K0556 | Knowledge of telecommunications fundamentals. | 6 |
| K0560 | Knowledge of the basic structure, architecture, and design of modern communication networks. | 10 |
| K0561 | Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection). | 8 |
| K0565 | Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. | 11 |
| K0598 | Knowledge of the structure and intent of organization specific plans, guidance and authorizations. | 6 |
| K0603 | Knowledge of the ways in which targets or threats use the Internet. | 6 |
| K0604 | Knowledge of threat and/or target systems. | 4 |
| K0614 | Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems. | 7 |
Skills 28
| Code | Description | Work Roles |
|---|---|---|
| S0187 | Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses). | 3 |
| S0189 | Skill in assessing and/or estimating effects generated during and after cyber operations. | 3 |
| S0194 | Skill in conducting non-attributable research. | 5 |
| S0196 | Skill in conducting research using deep web. | 3 |
| S0203 | Skill in defining and characterizing all pertinent aspects of the operational environment. | 6 |
| S0205 | Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects. | 2 |
| S0208 | Skill in determining the physical location of network devices. | 2 |
| S0216 | Skill in evaluating available capabilities against desired effects to provide effective courses of action. | 2 |
| S0218 | Skill in evaluating information for reliability, validity, and relevance. | 8 |
| S0222 | Skill in fusion analysis | 2 |
| S0227 | Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes. | 4 |
| S0228 | Skill in identifying critical target elements, to include critical target elements for the cyber domain. | 4 |
| S0229 | Skill in identifying cyber threats which may jeopardize organization and/or partner interests. | 5 |
| S0248 | Skill in performing target system analysis. | 3 |
| S0249 | Skill in preparing and presenting briefings. | 8 |
| S0256 | Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships. | 5 |
| S0274 | Skill in reviewing and editing target materials. | 2 |
| S0278 | Skill in tailoring analysis to the necessary levels (e.g., classification and organizational). | 6 |
| S0285 | Skill in using Boolean operators to construct simple and complex queries. | 4 |
| S0287 | Skill in using geospatial data and applying geospatial resources. | 2 |
| S0288 | Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.). | 4 |
| S0289 | Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches. | 4 |
| S0292 | Skill in using targeting databases and software packages. | 2 |
| S0296 | Skill in utilizing feedback to improve processes, products, and services. | 9 |
| S0297 | Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint). | 7 |
| S0302 | Skill in writing effectiveness reports. | 1 |
| S0360 | Skill to analyze and assess internal and external partner cyber operations capabilities and tools. | 6 |
| S0361 | Skill to analyze and assess internal and external partner intelligence processes and the development of information requirements and essential information. | 1 |
Abilities 14
| Code | Description | Work Roles |
|---|---|---|
| A0013 | Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. | 14 |
| A0066 | Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. | 12 |
| A0080 | Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. | 6 |
| A0084 | Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products. | 7 |
| A0087 | Ability to focus research efforts to meet the customer’s decision-making needs. | 6 |
| A0088 | Ability to function effectively in a dynamic, fast-paced environment. | 7 |
| A0089 | Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. | 13 |
| A0091 | Ability to identify intelligence gaps. | 6 |
| A0101 | Ability to recognize and mitigate cognitive biases which may affect analysis. | 6 |
| A0102 | Ability to recognize and mitigate deception in reporting and analysis. | 5 |
| A0106 | Ability to think critically. | 9 |
| A0109 | Ability to utilize multiple intelligence sources across all intelligence disciplines. | 6 |
| A0085 | Ability to exercise judgment when policies are not well-defined. | 9 |
| A0073 | Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information. | 2 |
Tasks 35
| Code | Description | Work Roles |
|---|---|---|
| T0561 | Accurately characterize targets. | 1 |
| T0582 | Provide expertise to course of action development. | 5 |
| T0588 | Provide expertise to the development of measures of effectiveness and measures of performance. | 2 |
| T0594 | Build and maintain electronic target folders. | 1 |
| T0597 | Collaborate with intelligence analysts/targeting organizations involved in related areas. | 4 |
| T0599 | Collaborate with other customer, Intelligence and targeting organizations involved in related cyber areas. | 2 |
| T0661 | Develop measures of effectiveness and measures of performance. | 2 |
| T0617 | Conduct nodal analysis. | 5 |
| T0624 | Conduct target research and analysis. | 3 |
| T0633 | Coordinate target vetting with appropriate partners. | 1 |
| T0642 | Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology. | 2 |
| T0650 | Determine what technologies are used by a given target. | 3 |
| T0652 | Develop all-source intelligence targeting materials. | 1 |
| T0663 | Develop munitions effectiveness assessment or operational assessment materials. | 2 |
| T0684 | Estimate operational effects generated through cyber activities. | 2 |
| T0688 | Evaluate available capabilities against desired effects to recommend efficient solutions. | 1 |
| T0707 | Generate requests for information. | 5 |
| T0710 | Identify and evaluate threat critical capabilities, requirements, and vulnerabilities. | 3 |
| T0717 | Identify critical target elements. | 1 |
| T0731 | Initiate requests to guide tasking and assist with collection management. | 1 |
| T0744 | Maintain target lists (i.e., RTL, JTL, CTL, etc.). | 1 |
| T0769 | Perform targeting automation activities. | 1 |
| T0770 | Characterize websites. | 1 |
| T0776 | Produce target system analysis products. | 1 |
| T0781 | Provide aim point and reengagement recommendations. | 1 |
| T0782 | Provide analyses and support for effectiveness assessment. | 3 |
| T0790 | Provide input for targeting effectiveness assessments for leadership acceptance. | 1 |
| T0794 | Provide operations and reengagement recommendations. | 1 |
| T0797 | Provide target recommendations which meet leadership objectives. | 4 |
| T0798 | Provide targeting products and targeting support as designated. | 1 |
| T0799 | Provide time sensitive targeting support. | 1 |
| T0802 | Review appropriate information sources to determine validity and relevance of information gathered. | 2 |
| T0815 | Sanitize and minimize information to protect sources and methods. | 1 |
| T0824 | Support identification and documentation of collateral effects. | 1 |
| T0835 | Work closely with planners, analysts, and collection managers to identify intelligence gaps and ensure intelligence requirements are accurate and up-to-date. | 1 |